This invention relates to method of authenticating a person seeking to access a resource, which can be either a physical resource (such as a secure room) or a computer network resource, such as the network itself, a file on a network server, or other network resource.
Various industries have long recognized a need to authenticate users who seek to gain access to secure resources such as restricted buildings, rooms, safes, or other structures, or network resources such as computer systems for instance. Various authentication mechanisms have been proposed. In a simple embodiment, an authentication system extracts data from an authentication token (such as an encoded card) and receives a password (such as a personal identification number) from the user. The authentication system validates the information from the token, and the password from the person, in order to confirm that the user is entitled to gain access with the authentication token. In more complex applications, an authentication system receives biometric data (such as a fingerprint, an iris-scan, a face-scan, or a voiceprint) from the person and validates the biometric data in order to confirm that the person is authorized to gain access to the resource.
A method and authentication system is described herein for authenticating users seeking to access either physical or network resources through a combination of credential data (which could be a username plus password and/or the use of a token and/or card), voice print identification, and geographic location. The voice print and geographical location are preferably, but not necessarily, obtained from a telephone call between the user and the authentication system. The unique combination of credential data, and data obtained from a telephone call between the user and the authentication system, provides for a secure method of authenticating users.
Prior art references include US published patent application 2003/0135740 to Talmor et al., and U.S. Pat. No. 6,591,242.